Battle Over HealthCare.gov Paper Trail Reaches House Leadership

By Joseph Marks

December 18, 2013

The battle over releasing contractor documents that may reveal security weaknesses in HealthCare.gov, the Obama administration’s online health insurance marketplace, reached the leadership level on Wednesday as House Minority Leader Nancy Pelosi sent a letter to Speaker John Boehner requesting a classified briefing about the documents.

Pelosi wants the Republican chairs of several House committees to sit down with the administration’s top cybersecurity officials to hear their case for why documents subpoenaed by House Oversight and Government Reform Committee Chairman Rep. Darrell Issa, R-Calif., should not be released.

Contractors submitted unredacted copies of the documents, including a mid-October security review, to Issa last week over the objection of officials at the Health and Human Services Department. They argued releasing the documents could give hackers a roadmap to interfere with HealthCare.gov’s operations or to steal insurance seekers’ personal information.

Issa has said he will not release any information that would endanger the site’s security, but he feels compelled to give Americans’ fair warning if their personal data such as social security numbers may be at risk.

He plans to meet with private sector security experts to determine which documents or sections of documents are safe to release, he has said, adding that he asked to meet with Health and Human Services Secretary Kathleen Sebelius this week to go over administration concerns about the documents “page by page.”

Administration officials previously gave Issa and other committee members redacted documents from contractors MITRE Corporation and CSSI and allowed them to review unredacted copies of the documents but not keep them. Issa subpoenaed the unredacted documents despite objections from Democrats on the oversight committee.

Democrats have charged that Issa’s main goal is tamping down enrollment in Obamacare, which reaches an important deadline on Monday, by raising security fears. People must purchase insurance by Monday to be covered on the first day of 2014.

“Our concern is not simply with Chairman Issa’s blatant efforts to undermine the Affordable Care Act; it is the danger of a breach of security and trust across government,” Pelosi said in her letter to Boehner.

Health and Human Services officials say HealthCare.gov has passed government standards for information security and that there have been no sucessful breaches of the site since it was launched.

HealthCare.gov performed disastrously upon launch but gradually improved in the following weeks as developers worked around the clock to fix it. Since a self-imposed Nov. 30 deadline, officials say the site has been operating well, with an error rate lower than 1 percent and low wait times.